• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • Liutauras Vilda
  • Jeanne Boyarsky
  • paul wheaton
Sheriffs:
  • Ron McLeod
  • Devaka Cooray
  • Henry Wong
Saloon Keepers:
  • Tim Holloway
  • Stephan van Hulst
  • Carey Brown
  • Tim Moores
  • Mikalai Zaikin
Bartenders:
  • Frits Walraven

Synchronized Tokens (Web Application Control Flow)

 
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi there

I want to be able to detect when an invalid request has been sent.
i.e accessing an application via a bookmark link but obviously still has a valid session. Or lets say a user is in java.sun.com/form.jsp and changes the url to www.google.com and then a few minutes later changes url back to java.sun.com/form.jsp.

How can I detect that the request above is not valid therefore invalidate such session (forwarding the user to login.page)

I have read about struts tokens but considering struts now will require a lot of work because of how our architecture is right now.

I would like to implement this using a Filter Class. Can someone please shed some light on how i can achieve this without struts.

Thanks in Advance..
[ October 18, 2008: Message edited by: Steve grand ]
 
Author and all-around good cowpoke
Posts: 13078
6
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

How can I detect that the request above is not valid



What exactly is invalid about it?

Why do you care if I switch my browser to another tab and look at yahoo for a while as long as the session is still valid when I switch back?

Bill
 
Steve grand
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Absolutely good point Bill but when you build apps to meet other peoples requirement it becomes a diff story .........
 
Sheriff
Posts: 67752
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
But you still haven't explained what you mean by "invalid". I have no clue.
 
Steve grand
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Sorry Bill - what i meant there by invalid request - lets say you in java.sun.com/form.jsp and then you bookmark this page, and you navigate to www.google.com and then five minutes later you re-access java.sun.com/form.jsp this time via the bookmark link (this request is what i am referring to as invalid request.

In a nutshell I would like to invalidate a user's session if they leave my application (website). more less like login out the user
 
Bear Bibeault
Sheriff
Posts: 67752
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Choosing the term "invalid" for that is confusing... there's nothing truly invalid about it.

You might be able to achieve this extremely bizarre requirement by checking the referer header (yes, it's misspelled) but that's not always guaranteed to always work -- in fact, in the scenario you mentioned, bookmarks, it likely won't.

Probably the only other thing you can do is to use an extremely short session timeout value.

Have you asked the framers of these requirements why they want to alienate their users in this fashion?
 
No, tomorrow we rule the world! With this tiny ad:
Gift giving made easy with the permaculture playing cards
https://coderanch.com/t/777758/Gift-giving-easy-permaculture-playing
reply
    Bookmark Topic Watch Topic
  • New Topic